﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using YQGL.Common;

namespace YQGL.Controllers
{
    public class PasswordController : Controller
    {
        //
        // GET: /Password/
        BLL.DL_QY DL_QYBLL = new BLL.DL_QY();
        public ActionResult Index(int Type=0)
        {
            ViewData["Type"] = Type;
             string LoginID = OperateSession.get("LoginID");
             if (string.IsNullOrEmpty(LoginID))
             {

                 Response.Redirect(Url.Action("Index", "Index"));
             }
             else
             {
                 Model.DL_QY DLModel = DL_QYBLL.GetModel(LoginID);
                 return View("Index", DLModel);

             }
            
             return View();
        }
     
   
        private string ExitstByPasswordold(string oldPassword)
        {
            try
            {
                string FLogID = OperateSession.get("LoginID");

                Model.DL_QY DLModel = DL_QYBLL.GetModel(FLogID);
               ;
               if (DLModel.Pwd != FormsAuthentication.HashPasswordForStoringInConfigFile(oldPassword, "MD5"))
                {
                    return "false";
                }
                else
                {
                    return "true";
                    ;
                }
            }
            catch (System.Exception ex)
            {
                return "false";
            }
        }
       

        [HttpPost]
        public string EditPassword()
        {
            string errMsg = "";
            try
            {
                string FLogID = OperateSession.get("LoginID");

                string oldPassword = Fetch.Post("oldPassword");
                if (Fetch.Post("hdType") == "0")
                {
                    if (string.IsNullOrEmpty(oldPassword))
                    {
                        errMsg += "原始密码不能为空";
                        return errMsg;
                    }
                    if (ExitstByPasswordold(oldPassword).ToLower() != "true")
                    {
                        errMsg += "原始密码错误";
                        return errMsg;
                    }
                }else
                {

                    if (string.IsNullOrEmpty(OperateSession.get("PWDType")))
                    
                    {
                        errMsg = "重置密码未通过短信验证";
                        return errMsg;
                    }
                }
                string newPassword = Fetch.Post("newPassword");
                string newPassword1 = Fetch.Post("newPassword1");
                if (newPassword != newPassword1)
                {

                    errMsg += "两次输入新密码不匹配";
                    return errMsg;
                }
               

                if (string.IsNullOrEmpty(newPassword1))
                {
                    errMsg += "新密码不能为空";
                    return errMsg;
                }
                if (string.IsNullOrEmpty(newPassword))
                {
                    errMsg += "新密码不能为空";
                    return errMsg;
                }
                if (errMsg == "")
                {
                Model.DL_QY DLModel = DL_QYBLL.GetModel(FLogID);
              
                 DLModel.Pwd = FormsAuthentication.HashPasswordForStoringInConfigFile(newPassword, "MD5");
                  
                DL_QYBLL.UpdatePWD(DLModel);
                OperateSession.del("PWDType");
                return "ok";

                }
            }
            catch (System.Exception ex)
            {
                return errMsg + ex.Message;
            }
            return errMsg;
        }

    }
}
